feat(ci): publish bca CLI to PyPI as pip wheel#504
Merged
Conversation
Add a standalone python-cli-wheels.yml workflow plus a -b bin pyproject.toml so `pip install big-code-analysis-cli` drops the compiled `bca` binary onto PATH (no Rust toolchain), the way `pip install ruff` installs `ruff`. The dist name (big-code-analysis-cli) differs from the installed command (bca) and from the importable library bindings (big-code-analysis); README, book, and CHANGELOG state the split explicitly. Mirrors python-wheels.yml: numeric-tag trigger, opt-in PR label, aggregate gate, PyPI Trusted Publishing in a distinct `pypi-cli` environment. Differs in shipping a py3-none-<platform> bin wheel (no abi3 / no per-Python matrix) across Linux manylinux_2_28 (x86_64/aarch64), macOS (x86_64/arm64), and Windows (x86_64). The CLI crate already pins all-languages (#252), so the bin build carries every grammar with no maturin feature wiring. Per-binary THIRD-PARTY-LICENSES-bca.md (cargo-about) + LICENSE ride in .dist-info/licenses/ via [project].license-files; man pages are bundled via [tool.maturin] include (globbed so clean builds and sdist still work). Staged artefacts are gitignored. RELEASING.md documents the one-time PyPI Trusted Publisher and pypi-cli environment setup. Fixes #408
The release narrative described only release.yml. Note that the same v* tag also fires python-wheels.yml and python-cli-wheels.yml in parallel, that they publish in lockstep on every bump, that prerelease tags skip the PyPI publish (matching crates.io), and add a post-release step to verify both wheels landed. Fixes #408
- smoke-test: replace `bca list-metrics names | head -n1` with a redirect to /dev/null — the pipe SIGPIPEs the producer under pipefail (the anti-pattern release.yml documents). - smoke-test: implement the version-parity assertion the comment promised — on a tag build, assert `bca --version` contains the tag version; skip on PR/dispatch (no tag, no checkout). - build/verify: make the macOS per-leg wheel check arch-specific (`macosx_*_x86_64` / `macosx_*_arm64`) so a cross-build emitting the host arch fails at the leg, not only at the publish inventory. - build: pin the host toolchain (RUST_TOOLCHAIN 1.94.0, matching release.yml) so macOS/Windows wheel binaries are reproducible instead of tracking a floating stable. - publish: widen the prerelease guard to `!contains(github.ref, '-')` to match release.yml's `*-*` rule exactly, so a single tag cannot land a prerelease on PyPI while skipping crates.io; RELEASING.md updated to describe the actual guards. - fix stale "venv" wording in smoke-test comments (no venv is created). Fixes #408
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Makes the
bcaCLI pip-installable:pip install big-code-analysis-clidrops the compiled
bcabinary ontoPATH(no Rust toolchain), the waypip install ruffinstalls theruffcommand. Closes #408.The PyPI distribution name is
big-code-analysis-cliwhile theinstalled command stays
bca— distinct from the importable librarybindings published as
big-code-analysis. The naming split is statedexplicitly in every doc a user or maintainer touches.
What's here
big-code-analysis-cli/pyproject.toml— maturin-b binconfig:bindings = "bin", dynamic version from the workspaceCargo.toml(lockstep),
license-filesforLICENSE+THIRD-PARTY-LICENSES-bca.md→
.dist-info/licenses/, globbed man-pageinclude. No[tool.maturin] featuresneeded — the crate already pinsall-languages(feat(lib): per-language Cargo features for grammar selection #252), so the bin build carries every grammar.
.github/workflows/python-cli-wheels.yml— standalone, modeled onpython-wheels.yml: numeric-tag trigger, opt-inpython-cli-wheelsPRlabel, build matrix (Linux
manylinux_2_28x86_64/aarch64, macOSx86_64/arm64, Windows x86_64), per-leg cargo-about TPL staging, arch-
specific wheel verification, clean-env smoke (install +
bca --versiontag-parity +
list-metrics+ cross-language parse), aggregate gate, andPyPI Trusted Publishing in a distinct
pypi-clienvironment..gitignore— ignores the workflow-staged artefacts.commands/README.md, CHANGELOG, andRELEASING.md (one-time TP setup, per-release flow, pre-tag checklist).
Local validation (maturin 1.13.3)
Built the
-b binwheel and confirmed on Linux x86_64:bcainstalls to<env>/bin/bca(.data/scripts/bca);bca --version→
1.1.0(lockstep with workspace).each) →
all-languagesgrammar set present.LICENSE+THIRD-PARTY-LICENSES-bca.mdin.dist-info/licenses/;License-File:metadata recorded;bca-web.1correctly excluded.maturin sdistsucceeds on a clean tree (globs/license-files skipabsent staged files — no build breakage).
make pre-commitis green (cargo trio, udeps, man-page drift gate,self-scan, py-test, markdown/TOML/actionlint). The change set is
CI/packaging/docs only — no Rust source touched.
Release-gated follow-ups (maintainer action, tracked in #408)
These cannot be validated until release time:
big-code-analysis-cli(workflowpython-cli-wheels.yml, envpypi-cli) + create thepypi-cliGitHub environment.python-cli-wheelsPR label (so the matrix runs on PRs).v*tag validates the cross-platform matrix + OIDC publishend-to-end (macOS x86_64 is cross-built on the arm64 runner — the only
leg not exercisable locally).
Notes for reviewers
This PR has been through
/review,/audit-tests, and a high-recall/code-reviewpass. The review findings (SIGPIPE| head, loose macOSarch verify, unpinned toolchain, prerelease-guard/doc mismatch, missing
version-parity assertion) are fixed in the
fix(ci):commit.